MySQL 9.x: test_sqlite3_pass_exts-t fails — 'mysql_native_password' plugin is not loaded

[renecannao]

Symptom

TAP test test_sqlite3_pass_exts-t (group mysql90-g4) fails partway through on MySQL 9.x:

# 2213 tests planned but only 10 executed
File test_sqlite3_pass_exts-t.cpp, line 182, Error: Plugin 'mysql_native_password' is not loaded
TAP test 299/325 'test_sqlite3_pass_exts-t' RC: 1

Partial-pass detail — ProxySQL's own SQLite3 extensions work fine

Assertions 1 through 10 PASS, covering argument-validation for the Admin SQLite3 hash-generation functions. For example:

ok 1  - MYSQL_NATIVE_PASSWORD()      wrong number of arguments
ok 2  - MYSQL_NATIVE_PASSWORD('a','b') wrong number of arguments
...
ok 5  - CACHING_SHA2_PASSWORD()      wrong number of arguments
...
ok 9  - CACHING_SHA2_PASSWORD(2, '00') Invalid argument type
ok 10 - CACHING_SHA2_PASSWORD('00', 2) Invalid argument type

This is important: ProxySQL's internal MYSQL_NATIVE_PASSWORD() SQLite function still works on 9.x — it's a pure hash-generation utility implemented in ProxySQL Admin and has nothing to do with the server plugin. The test's Phase 1 (Admin-extension correctness) is unaffected by the MySQL 9.x change.

Where it breaks — Phase 2 (backend end-to-end)

From the file header:

1. Create MySQL users with random pass and check pass reproduction for:
   • 'mysql_native_password'
   • 'caching_sha2_password'
2. Stress password creation, ensure start and length matches expected.
3. End-to-end password generation testing:
   1. Create passwords in both MySQL and ProxySQL using built-in Admin function for hash generation.
   2. Connect to ProxySQL and force a new backend connection using these passwords.

Phase 2 starts at line 181–182 in test_sqlite3_pass_exts-t.cpp:

MYSQL_QUERY_T_(mysql, DROP_USER.c_str());
MYSQL_QUERY_T_(mysql, CREATE_USER.c_str());     // line 182

Where CREATE_USER is built at line 174:

const string CREATE_USER {
    "CREATE USER '" + name + "'@'%' IDENTIFIED WITH '" + auth + "' BY RANDOM PASSWORD"
};

The test iterates over {"mysql_native_password", "caching_sha2_password"}. The first iteration picks up auth="mysql_native_password", the CREATE is rejected on 9.x with ER_PLUGIN_IS_NOT_LOADED, the test bails.

Test already has version gating — just missing the 9.x branch

The test binary already checks for BY RANDOM PASSWORD syntax support (requires MySQL 8.0+):

static bool g_mysql_supports_random_password = false;
static bool g_mysql_version_checked = false;

/**
 * @brief Check if MySQL server supports 'BY RANDOM PASSWORD' syntax (MySQL 8.0+)
 */

So the precedent for "detect server version, skip features not available" is there. What's missing is "on MySQL 9.x, skip the mysql_native_password iteration of Phase 2 and Phase 3 entirely" — keeping the caching_sha2_password iteration, and keeping all of Phase 1 (which doesn't touch the backend).

Proposed fix

1. Gate the backend-side fixture iteration by mysql_get_server_version():

   vector<string> auth_plugins = { "mysql_native_password", "caching_sha2_password" };
   unsigned long ver = mysql_get_server_version(mysql);
   if (ver >= 90000) {
       diag("Backend MySQL %lu: mysql_native_password plugin not loadable, skipping that iteration.", ver);
       auth_plugins.erase(std::remove(auth_plugins.begin(), auth_plugins.end(), "mysql_native_password"), auth_plugins.end());
   }

2. Adjust plan(N) based on the filtered plugin set.

3. Keep all of Phase 1 — the Admin extension functions MYSQL_NATIVE_PASSWORD() / CACHING_SHA2_PASSWORD() remain valid and coverage there should not regress.

Evidence from the test log

ok 1 ... ok 10       (Admin SQLite3 extension validation — all pass)
Creating user with random pass   user:'rndextuser0'
Issuing query "DROP USER IF EXISTS 'rndextuser0'" ...   (OK, warning)
Issuing query "CREATE USER 'rndextuser0'@'%' IDENTIFIED WITH 'mysql_native_password' BY RANDOM PASSWORD" ...
File test_sqlite3_pass_exts-t.cpp, line 182, Error: Plugin 'mysql_native_password' is not loaded
# 2213 tests planned but only 10 executed
RC: 1

Related

Sibling MySQL 9.x issues:

• MySQL 9.x: test_auth_methods-t fails — 'mysql_native_password' plugin is not loaded #5626 test_auth_methods-t (same "filter fixtures by backend plugin" pattern)
• MySQL 9.x: test_com_reset_connection_com_change_user-t fails — 'mysql_native_password' plugin is not loaded #5627 test_com_reset_connection_com_change_user-t
• MySQL 9.x: test_default_value_transaction_isolation_attr-t fails — 'mysql_native_password' plugin is not loaded #5628 test_default_value_transaction_isolation_attr-t
• MySQL 9.x: reg_test_4935-caching_sha2-t fails — 'mysql_native_password' plugin is not loaded #5629 reg_test_4935-caching_sha2-t (most structurally similar — also a plugin-iteration test)
• MySQL 9.x: test_server_sess_status-t fails — 'mysql_native_password' plugin is not loaded #5630 test_server_sess_status-t

Infrastructure: #5625 (dbdeployer-based MySQL 9.0/9.3/9.5 infras).

[coderabbitai]

🔗 Related PRs

#5485 - MySQL/PgSQL Authentication unit tests (Phase 2.2) [merged]
#5488 - Protocol encoding/decoding and utility unit tests (Phase 2.5) [merged]
#5538 - CI test fixes: cluster sync, plan counts, test group assignments, and diagnostics [merged]
#5559 - Fix crash when COM_BINLOG_DUMP received with idle backends (#5556) [merged]
#5612 - test(pgsql-ssl_keylog): fix container-local path + NSS label regex [merged]

---

📝 Issue Planner

_{Check the box below or use the @coderabbitai plan command to generate an implementation plan and prompts that you can use with your favorite coding assistant.}

• Create Plan

---

🧪 Issue enrichment is currently in open beta.

You can configure auto-planning by selecting labels in the issue_enrichment configuration.

To disable automatic issue enrichment, add the following to your .coderabbit.yaml:

issue_enrichment:
  auto_enrich:
    enabled: false

💬 Have feedback or questions? Drop into our discord!